package org.f0rb.core.security;

import org.f0rb.core.web.DefaultWebServiceImpl;
import org.f0rb.core.web.WebModel;
import org.f0rb.core.web.WebServiceResult;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.util.List;

/**
 * Class com.oliveoffice.demo.common description goes here.
 *
 * @author Yuan Zhen
 * @version 1.0.0 11-11-7
 */
public abstract class SecurityWebServiceImpl<T extends WebModel<?>> extends DefaultWebServiceImpl<T> {
    private static final Logger LOGGER = LoggerFactory.getLogger(SecurityWebServiceImpl.class);

    /**
     * {@inheritDoc}
     */
    @Override
    public String execute(final T o) {
        LOGGER.debug("execute [{}:{}] start;", new Object[]{o.model(), o.service()});

        String convertedServiceName = convertServiceName(o.service());
        String serviceResult = WebServiceResult.CODE_404.alias;

        try {
            //2. 如果访问的业务存在，但是不在权限排除列表中，要进行权限验证
            if (isLimitedService(convertedServiceName)) {
                // 2.1 如果用户未登录，转向登录页面
                SecurityUser su = SecurityContext.getInstance().getSecurityUser();
                if (su == null) {
                    serviceResult = isJsonService(convertedServiceName) ?
                            WebServiceResult.JSON.alias :
                            WebServiceResult.REDIRECT_TO_LOGIN.alias;
                    return serviceResult;
                }
                // 2.2 如果用户已登录，但没有相应权限，返回403
                if (!SecurityContext.getInstance().isPermitted(o.model(), convertedServiceName)) {
                    serviceResult = isJsonService(convertedServiceName) ?
                            WebServiceResult.JSON.alias :
                            WebServiceResult.CODE_403.alias;
                    return serviceResult;
                }
            }
            serviceResult = execute((convertedServiceName), o);
            //if (serviceResult == null || isJsonService(convertedServiceName)) {
            //    serviceResult = WebServiceResult.JSON.alias;
            //}
            return serviceResult;
        } catch (RuntimeException re) {
            re.printStackTrace();
			o.addMessage(re.getMessage());
			return isJsonService(convertedServiceName) ?
					WebServiceResult.JSON.alias : WebServiceResult.CODE_500.alias;
        }
        finally {
            LOGGER.debug("execute service [{}:{}] end with result [{}]!",
                    new Object[]{o.model(), o.service(), serviceResult});
        }
    }

    /**
     * 判断访问的业务是否<strong>不需要</strong>权限验证.
     *
     * @param serviceName serviceName
     * @return true if serviceName is in the excludedService list; otherwise false
     */
    private boolean isLimitedService(String serviceName) {
        return getLimitedService().contains(serviceName);
    }

    /**
     * 获取需要进行权限验证的业务列表.
     *
     * @return 不需要验证权限的业务List
     */
    public abstract List<String> getLimitedService();
}
